Efficient Implementations

One of our research interests is the implementation of strong cryptographic primitives that are
as efficient and energy saving as possible. However, the usage of cryptographic primitives with
proven security properties alone does not guarantee practical security. Hence, most of the today's
implementations are not broken because of their underlying mathematical properties. Many other aspects
need to be considered in order to guarantee a high resistance against state-of-the-art implementation
attacks, like side-channel analysis or fault attacks.

Current Research Topics

Symmetric-Key Cryptography

The confidentiality protection of data was long time the only use case of cryptography. With the
revolution of the Internet, the globally interconnected world had to deal with new problems. How
to ensure that a message has not been changed during transportation over the Internet, or the
authenticity of the sender? New symmetric-key schemes address all of these problems at once and are
not only used for the Internet, but also in embedded computing and many other applications.

Elliptic Curve and Pairing-based Implementations

Public-key cryptography based on elliptic curves offers many different services symmetric-key schemes
cannot offer, like electronic signatures, secure key distribution, mutual key-agreement, or group signatures
for privacy aware authentication. The drawback of public-key cryptography is a much higher
computational complexity than for symmetric-key cryptography. Thus, implementing this type of cryptographic
primitives for constrained devices such as wireless sensor nodes or even RFID tags is very challenging.

RFID Implementations

Radio-frequency Identification (RFID) has a long tradition on our institute. Having our own tag prototypes
with the abilities to reprogram and change their firmware (microcontroller based tags), or even to carry our
self-built hardware (FPGAs), allows us to implement the next generation of RFID tags. The Internet of Things,
which is strongly related to RFID, envisions an autonomous network between everyday objects. The interplay of
highly constrained RFID tags on one side and the requirement of strong security on the other side continues
to make RFID security an interesting research topic.